Japanese 
English
PHP deobfuscation, decryption, reconstruction toolDe-obfuscate PHP malware/viruses and tampering code on Wordpress to original readable code.
*Please note that not all obfuscation codes can be decoded.<?php
include_once 'Utilities.php';
include_once 'xmlseclibs.php';
use RobRichards\XMLSecLibs\XMLSecurityKey;
use RobRichards\XMLSecLibs\XMLSecurityDSig;
use RobRichards\XMLSecLibs\XMLSecEnc;
class SAML2SPAssertion
{
private $id;
private $issueInstant;
private $issuer;
private $nameId;
private $encryptedNameId;
private $encryptedAttribute;
private $encryptionKey;
private $notBefore;
private $notOnOrAfter;
private $validAudiences;
private $sessionNotOnOrAfter;
private $sessionIndex;
private $authnInstant;
private $authnContextClassRef;
private $authnContextDecl;
private $authnContextDeclRef;
private $AuthenticatingAuthority;
private $attributes;
private $nameFormat;
private $signatureKey;
private $certificates;
private $signatureData;
private $requiredEncAttributes;
private $SubjectConfirmation;
private $privateKeyUrl;
protected $wasSignedAtConstruction = FALSE;
public function __construct(DOMElement $l3 = NULL, $NI)
{
$this->id = SAMLSPUtilities::generateId();
$this->issueInstant = SAMLSPUtilities::generateTimestamp();
$this->issuer = '';
$this->authnInstant = SAMLSPUtilities::generateTimestamp();
$this->attributes = array();
$this->nameFormat = "\x75\162\156\72\x6f\x61\x73\151\163\x3a\156\x61\155\145\x73\72\164\143\x3a\123\x41\x4d\x4c\x3a\61\x2e\x31\72\x6e\141\155\145\151\x64\x2d\146\x6f\162\x6d\x61\x74\x3a\x75\x6e\x73\x70\x65\143\151\146\x69\145\144";
$this->certificates = array();
$this->AuthenticatingAuthority = array();
$this->SubjectConfirmation = array();
if (!($l3 === NULL)) {
goto WO;
}
return;
WO:
if (!($l3->localName === "\x45\x6e\x63\162\x79\160\x74\145\x64\x41\x73\x73\x65\x72\164\151\157\x6e")) {
goto yj;
}
$h4 = SAMLSPUtilities::xpQuery($l3, "\56\57\170\145\156\143\72\x45\x6e\143\x72\171\160\x74\x65\x64\x44\x61\164\141");
$N2 = SAMLSPUtilities::xpQuery($l3, "\x2f\x2f\x2a\x5b\x6c\x6f\x63\141\154\x2d\x6e\141\155\145\50\51\x3d\47\x45\156\x63\162\171\x70\x74\x65\144\113\x65\171\x27\135\x2f\x2a\x5b\154\x6f\x63\141\154\55\156\141\155\x65\x28\51\x3d\47\105\156\143\162\x79\160\164\x69\157\156\115\x65\164\150\x6f\x64\47\x5d\57\x40\101\154\147\x6f\162\x69\164\150\155");
$u0 = $N2[0]->value;
$yu = SAMLSPUtilities::getEncryptionAlgorithm($u0);
if (count($h4) === 0) {
goto q9;
}
if (count($h4) > 1) {
goto Co;
}
goto cq;
q9:
throw new Exception("\x4d\x69\163\163\151\x6e\x67\40\145\156\x63\x72\171\160\164\x65\144\40\x64\x61\x74\x61\x20\x69\x6e\40\x3c\x73\141\155\x6c\72\105\156\x63\x72\171\x70\164\x65\x64\101\x73\163\x65\162\164\151\x6f\156\76\56");
goto cq;
Co:
throw new Exception("\115\157\x72\x65\x20\x74\x68\141\x6e\x20\x6f\156\145\40\x65\156\x63\162\171\160\x74\x65\144\x20\x64\x61\164\x61\40\145\x6c\x65\155\x65\156\164\40\151\156\x20\x3c\163\141\155\x6c\x3a\x45\x6e\x63\162\x79\160\x74\x65\x64\x41\x73\x73\x65\x72\164\x69\x6f\156\x3e\56");
cq:
$WO = new XMLSecurityKey($yu, array("\164\x79\x70\x65" => "\x70\x72\151\x76\141\x74\x65"));
$WO->loadKey($NI, FALSE);
$io = array();
$l3 = SAMLSPUtilities::decryptElement($h4[0], $WO, $io);
yj:
if ($l3->hasAttribute("\111\104")) {
goto mo;
}
throw new Exception("\x4d\x69\163\163\151\x6e\147\40\x49\104\x20\141\x74\x74\162\151\x62\x75\x74\x65\40\x6f\156\40\123\101\x4d\x4c\x20\x61\163\163\145\x72\x74\x69\157\156\56");
mo:
$this->id = $l3->getAttribute("\x49\104");
if (!($l3->getAttribute("\126\145\x72\x73\151\x6f\156") !== "\62\56\60")) {
goto h1;
}
throw new Exception("\x55\x6e\x73\x75\160\160\x6f\x72\x74\145\144\40\x76\x65\162\x73\x69\x6f\156\72\40" . $l3->getAttribute("\x56\x65\162\163\x69\x6f\x6e"));
h1:
$this->issueInstant = SAMLSPUtilities::xsDateTimeToTimestamp($l3->getAttribute("\111\x73\x73\165\x65\111\x6e\x73\164\141\x6e\x74"));
$Ai = SAMLSPUtilities::xpQuery($l3, "\56\57\163\141\155\154\137\x61\x73\x73\x65\x72\x74\x69\157\x6e\72\111\x73\x73\165\x65\x72");
if (!empty($Ai)) {
goto FW;
}
throw new Exception("\x4d\151\x73\163\x69\156\x67\40\74\x73\141\155\154\x3a\111\163\x73\165\x65\x72\x3e\40\x69\x6e\x20\x61\163\x73\145\x72\x74\x69\x6f\x6e\56");
FW:
$this->issuer = trim($Ai[0]->textContent);
$this->parseConditions($l3);
$this->parseAuthnStatement($l3);
$this->parseAttributes($l3);
$this->parseEncryptedAttributes($l3);
$this->parseSignature($l3);
$this->parseSubject($l3);
}
private function parseSubject(DOMElement $l3)
{
$Ja = SAMLSPUtilities::xpQuery($l3, "\56\x2f\163\141\155\x6c\137\x61\x73\x73\x65\x72\x74\x69\x6f\x6e\x3a\123\165\x62\x6a\x65\143\x74");
if (empty($Ja)) {
goto rY;
}
if (count($Ja) > 1) {
goto yy;
}
goto lM;
rY:
return;
goto lM;
yy:
throw new Exception("\x4d\x6f\162\x65\x20\x74\150\x61\x6e\40\x6f\156\x65\40\74\x73\x61\x6d\x6c\x3a\123\165\x62\x6a\145\x63\164\x3e\x20\151\156\40\x3c\163\x61\x6d\x6c\x3a\x41\163\x73\x65\x72\x74\151\157\156\76\x2e");
lM:
$Ja = $Ja[0];
$OJ = SAMLSPUtilities::xpQuery($Ja, "\56\x2f\x73\141\155\154\x5f\x61\x73\x73\x65\162\164\151\157\156\x3a\116\141\x6d\x65\x49\104\40\174\40\x2e\57\163\141\x6d\154\137\x61\x73\163\x65\162\164\x69\x6f\x6e\x3a\105\x6e\143\162\171\x70\x74\x65\x64\111\104\x2f\170\145\156\x63\x3a\x45\156\143\x72\x79\x70\164\145\x64\x44\x61\x74\x61");
if (empty($OJ)) {
goto by;
}
if (count($OJ) > 1) {
goto On;
}
goto zV;
by:
$tr = $_POST["\122\x65\154\141\x79\x53\164\x61\164\x65"];
if ($tr == "\164\145\163\x74\126\x61\154\151\144\x61\164\145" or $tr == "\x74\x65\163\x74\x4e\x65\x77\x43\145\x72\164\x69\146\x69\x63\x61\164\x65") {
goto YD;
}
wp_die("\127\x65\40\143\157\x75\154\x64\40\x6e\157\164\40\x73\x69\147\x6e\40\x79\x6f\x75\40\x69\x6e\56\x20\x50\x6c\x65\x61\x73\x65\40\x63\157\156\164\x61\x63\164\x20\x79\x6f\x75\x72\x20\141\144\155\151\x6e\x69\163\164\x72\141\164\157\x72");
goto Tg;
YD:
echo "\x3c\144\x69\166\40\163\164\171\154\x65\75\42\x66\x6f\156\164\55\146\141\x6d\x69\154\171\x3a\x43\141\154\x69\x62\x72\151\x3b\160\x61\x64\144\151\156\x67\72\60\40\x33\45\73\x22\x3e";
echo "\74\144\x69\166\x20\163\x74\x79\x6c\x65\75\x22\x63\157\x6c\157\x72\72\x20\x23\x61\x39\64\x34\x34\x32\x3b\142\141\x63\x6b\147\x72\x6f\165\156\144\55\143\157\154\157\x72\x3a\x20\43\x66\62\144\145\x64\145\x3b\x70\x61\144\144\x69\156\x67\x3a\40\x31\65\160\170\x3b\x6d\141\162\x67\x69\156\55\x62\157\164\164\x6f\155\72\x20\x32\60\160\170\x3b\x74\145\170\164\55\141\154\151\x67\x6e\72\x63\x65\156\164\145\x72\73\x62\157\162\x64\x65\x72\x3a\x31\x70\x78\x20\163\x6f\154\151\x64\x20\43\x45\x36\102\63\102\x32\x3b\x66\x6f\156\164\55\x73\151\172\x65\72\x31\70\160\164\73\42\76\40\x45\122\x52\117\x52\x3c\x2f\144\x69\166\x3e\12\x20\40\x20\x20\x20\40\x20\40\x20\x20\40\x3c\x64\151\166\40\163\x74\x79\154\145\75\42\x63\157\154\x6f\162\x3a\x20\x23\141\71\64\64\x34\62\73\x66\157\x6e\164\x2d\163\x69\172\x65\72\x31\x34\x70\x74\x3b\x20\155\141\x72\x67\x69\x6e\55\x62\157\x74\x74\157\x6d\x3a\x32\x30\160\170\x3b\x22\x3e\x3c\160\x3e\x3c\x73\x74\162\x6f\156\147\76\105\x72\162\x6f\162\x3a\x20\74\57\163\x74\x72\157\x6e\x67\x3e\115\151\163\x73\x69\156\147\x20\40\116\x61\x6d\x65\111\x44\40\x6f\162\40\105\156\x63\162\x79\x70\x74\145\144\111\x44\40\x69\156\x20\x53\x41\115\114\x20\x52\x65\163\x70\157\x6e\x73\x65\x2e\x3c\57\x70\x3e\xa\40\40\40\x20\x20\x20\40\40\40\x20\40\40\40\40\x20\40\74\160\x3e\120\154\x65\x61\x73\145\x20\x63\x6f\x6e\164\141\143\x74\x20\171\x6f\165\162\x20\x61\144\x6d\x69\156\x69\163\164\x72\141\x74\x6f\162\40\x61\156\144\40\162\x65\160\x6f\x72\164\x20\164\x68\x65\x20\x66\x6f\x6c\154\157\x77\151\x6e\x67\40\145\162\x72\157\162\72\x3c\x2f\160\x3e\xa\40\x20\40\40\x20\x20\x20\x20\x20\x20\40\40\x20\40\40\40\x3c\x70\76\74\163\164\x72\157\156\x67\x3e\120\x6f\163\x73\151\142\154\x65\x20\103\141\165\x73\x65\x3a\x3c\57\163\164\x72\157\156\147\x3e\x20\116\x61\x6d\x65\x49\x44\x20\x6e\x6f\164\40\146\x6f\165\x6e\144\x20\x69\x6e\x20\x53\101\115\114\x20\x52\145\x73\x70\157\x6e\163\x65\40\163\165\142\152\x65\143\164\56\74\x2f\x70\x3e\xa\x20\40\40\x20\40\x20\x20\x20\x20\x20\40\x20\40\x20\x20\x20\74\57\x64\151\166\x3e\xa\40\x20\40\40\x20\x20\40\40\40\40\x20\40\x20\40\x20\40\74\144\151\x76\x20\x73\x74\171\154\x65\x3d\x22\x6d\x61\162\147\151\x6e\72\63\x25\73\x64\x69\163\160\154\141\171\x3a\x62\x6c\x6f\x63\x6b\73\164\145\x78\x74\55\141\x6c\151\x67\x6e\72\x63\x65\156\x74\x65\162\x3b\42\x3e\xa\x20\40\x20\40\x20\x20\x20\40\x20\x20\x20\x20\x20\x20\x20\x20\74\x64\151\166\40\x73\164\171\154\x65\75\x22\x6d\x61\162\147\151\156\x3a\x33\x25\x3b\144\151\x73\x70\154\x61\x79\x3a\142\x6c\157\143\x6b\73\x74\145\170\164\x2d\141\154\151\147\156\72\143\145\156\x74\x65\x72\73\x22\76\74\x69\156\160\x75\x74\40\163\x74\171\x6c\x65\x3d\42\160\141\x64\x64\x69\156\x67\72\x31\45\73\167\x69\144\x74\x68\x3a\x31\x30\x30\x70\x78\73\x62\141\x63\x6b\x67\x72\157\x75\156\144\72\x20\43\60\x30\71\x31\x43\x44\40\156\157\156\145\x20\x72\145\160\145\141\164\x20\x73\143\162\x6f\154\x6c\x20\60\45\x20\x30\x25\73\x63\x75\x72\x73\157\x72\x3a\40\160\x6f\151\156\164\x65\x72\x3b\146\157\x6e\164\55\163\151\172\145\72\x31\x35\160\170\73\x62\x6f\162\144\145\162\55\x77\151\x64\164\150\72\x20\61\160\170\73\142\x6f\162\144\x65\162\x2d\x73\x74\x79\x6c\x65\72\40\x73\x6f\x6c\151\144\73\x62\157\x72\144\145\x72\55\162\141\144\x69\x75\x73\x3a\x20\63\160\170\x3b\167\x68\x69\164\145\x2d\163\x70\x61\143\145\x3a\40\156\157\x77\162\141\x70\73\x62\157\x78\x2d\x73\151\172\151\x6e\x67\72\40\142\157\162\x64\x65\x72\x2d\x62\x6f\x78\x3b\x62\x6f\x72\144\x65\162\55\143\x6f\x6c\x6f\162\x3a\x20\x23\60\60\67\x33\x41\x41\73\x62\x6f\170\55\163\x68\141\x64\157\x77\x3a\x20\60\160\170\x20\61\160\170\40\x30\160\x78\x20\x72\x67\x62\141\x28\x31\x32\x30\x2c\x20\62\x30\x30\54\40\62\63\60\54\40\60\x2e\x36\x29\40\x69\156\x73\145\164\73\x63\157\154\x6f\162\72\40\x23\106\106\106\73\x22\x74\x79\160\145\75\x22\x62\x75\x74\164\157\156\x22\x20\x76\x61\x6c\165\145\75\42\104\157\x6e\x65\x22\x20\157\156\103\154\x69\x63\153\x3d\x22\163\145\x6c\146\56\143\x6c\x6f\x73\x65\x28\51\73\42\x3e\74\x2f\144\151\166\76";
exit;
Tg:
goto zV;
On:
throw new Exception("\x4d\157\x72\145\x20\x74\150\141\x6e\x20\157\x6e\145\x20\74\x73\141\x6d\x6c\x3a\x4e\x61\155\x65\x49\x44\x3e\x20\x6f\162\x20\74\x73\141\155\x6c\x3a\x45\156\143\x72\x79\x70\x74\145\x64\x44\76\x20\x69\x6e\40\74\163\x61\155\x6c\x3a\x53\x75\142\x6a\145\x63\164\76\x2e");
zV:
$OJ = $OJ[0];
if ($OJ->localName === "\105\x6e\143\162\x79\160\164\x65\144\104\141\164\x61") {
goto qm;
}
$this->nameId = SAMLSPUtilities::parseNameId($OJ);
goto ia;
qm:
$this->encryptedNameId = $OJ;
ia:
}
private function parseConditions(DOMElement $l3)
{
$Bc = SAMLSPUtilities::xpQuery($l3, "\56\x2f\163\141\x6d\x6c\x5f\x61\x73\x73\145\162\164\151\x6f\156\x3a\x43\x6f\x6e\144\151\x74\151\x6f\156\163");
if (empty($Bc)) {
goto XB;
}
if (count($Bc) > 1) {
goto YW;
}
goto FH;
XB:
return;
goto FH;
YW:
throw new Exception("\x4d\x6f\x72\145\40\164\150\141\x6e\x20\x6f\156\145\40\x3c\x73\x61\155\154\72\x43\x6f\156\144\x69\x74\151\x6f\x6e\x73\76\40\151\x6e\x20\74\x73\141\155\154\x3a\101\x73\x73\x65\162\164\x69\157\156\76\x2e");
FH:
$Bc = $Bc[0];
if (!$Bc->hasAttribute("\116\157\x74\102\145\x66\x6f\162\x65")) {
goto S9;
}
$vN = SAMLSPUtilities::xsDateTimeToTimestamp($Bc->getAttribute("\x4e\157\x74\102\x65\146\x6f\x72\x65"));
if (!($this->notBefore === NULL || $this->notBefore < $vN)) {
goto DG;
}
$this->notBefore = $vN;
DG:
S9:
if (!$Bc->hasAttribute("\x4e\157\x74\117\156\x4f\162\101\x66\x74\145\x72")) {
goto fR;
}
$ef = SAMLSPUtilities::xsDateTimeToTimestamp($Bc->getAttribute("\x4e\x6f\x74\x4f\156\117\162\x41\146\x74\145\x72"));
if (!($this->notOnOrAfter === NULL || $this->notOnOrAfter > $ef)) {
goto sz;
}
$this->notOnOrAfter = $ef;
sz:
fR:
$Kp = $Bc->firstChild;
qE:
if (!($Kp !== NULL)) {
goto RW;
}
if (!$Kp instanceof DOMText) {
goto uz;
}
goto IV;
uz:
if (!($Kp->namespaceURI !== "\165\x72\156\72\157\x61\163\x69\x73\x3a\156\141\x6d\145\x73\x3a\x74\x63\72\123\101\x4d\x4c\72\62\x2e\x30\x3a\x61\163\x73\145\162\164\151\157\156")) {
goto y8;
}
throw new Exception("\125\156\x6b\x6e\x6f\x77\x6e\x20\x6e\141\x6d\145\163\160\x61\143\x65\x20\157\x66\40\143\x6f\156\144\x69\x74\x69\157\156\x3a\40" . var_export($Kp->namespaceURI, TRUE));
y8:
switch ($Kp->localName) {
case "\x41\165\x64\151\145\156\x63\x65\x52\x65\x73\164\162\151\x63\164\151\x6f\156":
$lQ = SAMLSPUtilities::extractStrings($Kp, "\165\x72\156\x3a\x6f\x61\163\151\x73\72\x6e\x61\x6d\x65\x73\72\x74\143\x3a\123\101\115\x4c\x3a\62\x2e\60\72\141\x73\163\x65\162\x74\x69\157\x6e", "\101\x75\x64\151\145\156\143\x65");
if ($this->validAudiences === NULL) {
goto J1;
}
$this->validAudiences = array_intersect($this->validAudiences, $lQ);
goto cz;
J1:
$this->validAudiences = $lQ;
cz:
goto Lu;
case "\x4f\x6e\145\x54\151\x6d\145\125\x73\145":
goto Lu;
case "\120\162\157\x78\x79\122\145\x73\x74\162\151\x63\x74\x69\x6f\x6e":
goto Lu;
default:
throw new Exception("\125\x6e\x6b\x6e\157\x77\x6e\40\143\x6f\x6e\x64\x69\x74\151\157\x6e\72\40" . var_export($Kp->localName, TRUE));
}
UE:
Lu:
IV:
$Kp = $Kp->nextSibling;
goto qE;
RW:
}
private function parseAuthnStatement(DOMElement $l3)
{
$FZ = SAMLSPUtilities::xpQuery($l3, "\56\x2f\x73\x61\155\x6c\137\141\163\163\145\x72\x74\151\157\156\72\x41\x75\x74\150\x6e\x53\x74\x61\164\x65\x6d\x65\156\164");
if (empty($FZ)) {
goto Bm;
}
if (count($FZ) > 1) {
goto PD;
}
goto iJ;
Bm:
$this->authnInstant = NULL;
return;
goto iJ;
PD:
throw new Exception("\x4d\157\162\x65\40\x74\150\x61\x74\40\157\x6e\145\x20\74\163\141\x6d\x6c\x3a\101\165\164\x68\x6e\x53\164\x61\164\145\155\x65\x6e\x74\76\40\x69\156\40\74\163\x61\x6d\x6c\72\x41\x73\x73\x65\x72\x74\x69\x6f\156\x3e\x20\156\x6f\x74\x20\x73\x75\x70\160\157\162\x74\145\x64\56");
iJ:
$rW = $FZ[0];
if ($rW->hasAttribute("\101\165\x74\x68\x6e\x49\156\x73\164\x61\156\164")) {
goto IX;
}
throw new Exception("\115\151\x73\x73\151\x6e\147\x20\162\x65\161\x75\x69\x72\145\144\x20\101\x75\x74\150\x6e\111\156\163\x74\141\156\x74\x20\141\x74\164\162\151\142\x75\164\145\40\x6f\156\40\74\163\x61\155\154\x3a\101\165\x74\x68\x6e\123\164\x61\164\145\155\x65\156\164\x3e\x2e");
IX:
$this->authnInstant = SAMLSPUtilities::xsDateTimeToTimestamp($rW->getAttribute("\x41\x75\164\150\156\111\x6e\163\x74\141\156\164"));
if (!$rW->hasAttribute("\x53\145\x73\x73\x69\x6f\156\116\157\164\117\x6e\117\x72\101\x66\x74\x65\x72")) {
goto Xe;
}
$this->sessionNotOnOrAfter = SAMLSPUtilities::xsDateTimeToTimestamp($rW->getAttribute("\123\145\x73\x73\151\x6f\156\x4e\157\x74\x4f\156\x4f\162\x41\x66\x74\x65\162"));
Xe:
if (!$rW->hasAttribute("\123\x65\x73\163\x69\157\x6e\111\x6e\x64\145\170")) {
goto KS;
}
$this->sessionIndex = $rW->getAttribute("\x53\145\163\163\x69\157\x6e\111\156\144\x65\x78");
KS:
$this->parseAuthnContext($rW);
}
private function parseAuthnContext(DOMElement $fb)
{
$x7 = SAMLSPUtilities::xpQuery($fb, "\56\57\x73\141\x6d\154\137\x61\163\163\145\x72\x74\x69\157\x6e\72\101\x75\164\x68\x6e\x43\x6f\156\x74\145\x78\x74");
if (count($x7) > 1) {
goto G4;
}
if (empty($x7)) {
goto T5;
}
goto T4;
G4:
throw new Exception("\115\157\x72\x65\x20\164\150\x61\x6e\40\157\156\145\x20\74\x73\x61\x6d\x6c\72\x41\x75\164\150\x6e\x43\x6f\x6e\164\x65\170\164\x3e\40\x69\x6e\x20\74\163\141\155\x6c\x3a\x41\x75\164\150\156\x53\164\x61\164\x65\155\x65\156\x74\x3e\x2e");
goto T4;
T5:
throw new Exception("\x4d\151\163\163\x69\x6e\x67\40\x72\145\x71\x75\x69\x72\x65\144\x20\x3c\163\141\155\x6c\x3a\101\x75\x74\x68\x6e\103\x6f\x6e\164\x65\170\x74\76\40\x69\156\40\74\163\x61\x6d\x6c\72\x41\x75\164\150\x6e\x53\164\141\x74\145\155\x65\156\x74\x3e\x2e");
T4:
$Yc = $x7[0];
$PX = SAMLSPUtilities::xpQuery($Yc, "\x2e\57\163\141\155\154\x5f\141\x73\163\x65\162\164\151\x6f\156\72\x41\x75\164\x68\x6e\103\x6f\x6e\164\145\170\164\x44\x65\143\154\122\x65\x66");
if (count($PX) > 1) {
goto RI;
}
if (count($PX) === 1) {
goto pY;
}
goto QK;
RI:
throw new Exception("\115\x6f\x72\145\40\x74\150\x61\x6e\x20\157\156\145\x20\x3c\x73\141\155\x6c\72\101\x75\164\x68\156\103\x6f\156\x74\x65\170\164\x44\x65\x63\x6c\x52\145\146\76\40\146\157\x75\156\x64\77");
goto QK;
pY:
$this->setAuthnContextDeclRef(trim($PX[0]->textContent));
QK:
$Ab = SAMLSPUtilities::xpQuery($Yc, "\56\x2f\x73\141\x6d\x6c\x5f\x61\x73\163\x65\x72\x74\x69\157\156\72\x41\x75\164\150\156\103\x6f\x6e\164\145\x78\x74\104\145\x63\x6c");
if (count($Ab) > 1) {
goto lV;
}
if (count($Ab) === 1) {
goto Z7;
}
goto Tt;
lV:
throw new Exception("\x4d\x6f\x72\x65\x20\164\x68\x61\x6e\40\x6f\156\x65\40\x3c\163\141\x6d\x6c\x3a\x41\x75\164\x68\156\103\157\156\x74\145\x78\x74\104\x65\x63\154\76\40\146\157\x75\156\x64\x3f");
goto Tt;
Z7:
$this->setAuthnContextDecl(new SAML2_XML_Chunk($Ab[0]));
Tt:
$JG = SAMLSPUtilities::xpQuery($Yc, "\x2e\x2f\163\x61\155\154\x5f\141\163\163\145\x72\164\x69\157\156\x3a\101\165\x74\x68\x6e\103\x6f\156\164\x65\170\164\103\154\x61\163\x73\x52\x65\x66");
if (count($JG) > 1) {
goto oO;
}
if (count($JG) === 1) {
goto S2;
}
goto vj;
oO:
throw new Exception("\115\x6f\x72\145\40\x74\x68\x61\156\x20\x6f\156\145\x20\x3c\163\x61\x6d\154\72\101\x75\x74\150\156\103\x6f\156\164\145\x78\164\103\x6c\141\163\163\122\145\x66\76\40\151\x6e\x20\74\x73\141\155\x6c\x3a\x41\165\x74\150\156\103\x6f\x6e\x74\145\x78\x74\76\x2e");
goto vj;
S2:
$this->setAuthnContextClassRef(trim($JG[0]->textContent));
vj:
if (!(empty($this->authnContextClassRef) && empty($this->authnContextDecl) && empty($this->authnContextDeclRef))) {
goto Vu;
}
throw new Exception("\x4d\151\163\x73\x69\x6e\x67\40\x65\151\x74\x68\x65\x72\x20\x3c\163\x61\155\154\x3a\101\165\164\150\156\x43\157\x6e\164\145\x78\x74\103\x6c\x61\x73\x73\x52\x65\146\x3e\40\x6f\162\x20\74\163\141\x6d\x6c\x3a\101\165\164\x68\x6e\103\157\156\x74\145\170\164\104\145\143\x6c\122\145\146\76\x20\157\x72\x20\74\163\141\x6d\x6c\x3a\x41\x75\164\x68\156\103\x6f\156\164\x65\170\x74\x44\x65\x63\x6c\x3e");
Vu:
$this->AuthenticatingAuthority = SAMLSPUtilities::extractStrings($Yc, "\165\162\x6e\x3a\157\141\163\151\163\x3a\156\x61\155\x65\163\72\164\x63\72\123\101\115\114\72\x32\x2e\x30\x3a\141\x73\163\145\x72\x74\x69\x6f\156", "\101\165\164\x68\x65\156\164\x69\143\x61\x74\151\x6e\147\x41\165\164\x68\x6f\162\x69\164\x79");
}
private function parseAttributes(DOMElement $l3)
{
$ji = TRUE;
$QK = SAMLSPUtilities::xpQuery($l3, "\x2e\57\x73\x61\x6d\x6c\x5f\141\x73\x73\x65\162\x74\x69\x6f\156\x3a\x41\x74\164\162\151\142\x75\x74\x65\123\x74\x61\x74\x65\x6d\145\x6e\x74\x2f\163\141\x6d\x6c\x5f\141\163\163\x65\162\x74\x69\157\x6e\x3a\101\x74\x74\162\151\x62\165\164\145");
foreach ($QK as $V0) {
if ($V0->hasAttribute("\x4e\x61\x6d\x65")) {
goto SE;
}
throw new Exception("\115\151\x73\x73\151\156\x67\x20\156\141\155\145\40\157\x6e\40\74\163\141\x6d\154\x3a\101\x74\x74\162\151\142\165\164\x65\x3e\40\145\154\145\x6d\145\x6e\164\x2e");
SE:
$YB = $V0->getAttribute("\x4e\x61\155\145");
if ($V0->hasAttribute("\116\141\x6d\145\106\157\162\155\x61\x74")) {
goto AF;
}
$rn = "\165\162\156\x3a\157\x61\163\x69\x73\x3a\156\141\155\x65\163\x3a\x74\x63\72\x53\101\x4d\114\72\x31\x2e\61\x3a\x6e\141\x6d\x65\151\x64\55\x66\157\x72\155\x61\x74\72\165\156\x73\x70\145\x63\151\x66\x69\145\x64";
goto B0;
AF:
$rn = $V0->getAttribute("\x4e\x61\155\x65\x46\x6f\x72\x6d\x61\164");
B0:
if ($ji) {
goto xB;
}
if (!($this->nameFormat !== $rn)) {
goto ge;
}
$this->nameFormat = "\x75\162\x6e\x3a\x6f\141\163\x69\163\72\156\x61\x6d\145\163\72\164\143\72\x53\x41\x4d\x4c\72\x31\x2e\x31\x3a\x6e\141\155\145\151\x64\55\x66\x6f\x72\155\x61\164\x3a\165\x6e\163\x70\x65\x63\x69\x66\151\145\x64";
ge:
goto x8;
xB:
$this->nameFormat = $rn;
$ji = FALSE;
x8:
if (isset($this->attributes[$YB])) {
goto DX;
}
$this->attributes[$YB] = array();
DX:
$Yr = SAMLSPUtilities::xpQuery($V0, "\56\x2f\163\x61\x6d\154\137\141\x73\163\145\x72\x74\151\157\156\72\101\x74\x74\162\x69\x62\165\164\x65\126\x61\x6c\165\145");
foreach ($Yr as $cK) {
$this->attributes[$YB][] = trim($cK->textContent);
wo:
}
rB:
a5:
}
Zo:
}
private function parseEncryptedAttributes(DOMElement $l3)
{
$this->encryptedAttribute = SAMLSPUtilities::xpQuery($l3, "\56\x2f\x73\141\155\154\137\x61\163\163\x65\162\x74\151\x6f\x6e\72\101\x74\x74\x72\x69\142\x75\x74\x65\123\x74\x61\164\x65\x6d\145\156\164\x2f\x73\141\155\154\137\x61\x73\163\x65\x72\x74\151\157\x6e\72\105\x6e\x63\162\171\160\164\145\x64\101\x74\x74\162\151\x62\x75\x74\145");
}
private function parseSignature(DOMElement $l3)
{
$rl = SAMLSPUtilities::validateElement($l3);
if (!($rl !== FALSE)) {
goto Dm;
}
$this->wasSignedAtConstruction = TRUE;
$this->certificates = $rl["\103\x65\x72\164\151\146\151\x63\141\x74\x65\163"];
$this->signatureData = $rl;
Dm:
}
public function validate(XMLSecurityKey $WO)
{
if (!($this->signatureData === NULL)) {
goto eO;
}
return FALSE;
eO:
SAMLSPUtilities::validateSignature($this->signatureData, $WO);
return TRUE;
}
public function getId()
{
return $this->id;
}
public function setId($It)
{
$this->id = $It;
}
public function getIssueInstant()
{
return $this->issueInstant;
}
public function setIssueInstant($kC)
{
$this->issueInstant = $kC;
}
public function getIssuer()
{
return $this->issuer;
}
public function setIssuer($Ai)
{
$this->issuer = $Ai;
}
public function getNameId()
{
if (!($this->encryptedNameId !== NULL)) {
goto w0;
}
throw new Exception("\x41\164\x74\145\155\160\164\x65\x64\40\164\x6f\x20\x72\x65\x74\162\151\x65\x76\x65\x20\x65\x6e\x63\162\171\x70\x74\x65\144\40\116\141\155\x65\111\x44\40\x77\151\x74\150\x6f\x75\x74\40\x64\x65\143\162\x79\x70\x74\x69\x6e\x67\40\151\x74\40\146\x69\x72\x73\x74\x2e");
w0:
return $this->nameId;
}
public function setNameId($OJ)
{
$this->nameId = $OJ;
}
public function isNameIdEncrypted()
{
if (!($this->encryptedNameId !== NULL)) {
goto h3;
}
return TRUE;
h3:
return FALSE;
}
public function encryptNameId(XMLSecurityKey $WO)
{
$ik = new DOMDocument();
$Bf = $ik->createElement("\162\x6f\x6f\164");
$ik->appendChild($Bf);
SAMLSPUtilities::addNameId($Bf, $this->nameId);
$OJ = $Bf->firstChild;
SAMLSPUtilities::getContainer()->debugMessage($OJ, "\x65\156\x63\x72\171\160\x74");
$NA = new XMLSecEnc();
$NA->setNode($OJ);
$NA->type = XMLSecEnc::Element;
$Z3 = new XMLSecurityKey(XMLSecurityKey::AES128_CBC);
$Z3->generateSessionKey();
$NA->encryptKey($WO, $Z3);
$this->encryptedNameId = $NA->encryptNode($Z3);
$this->nameId = NULL;
}
public function decryptNameId(XMLSecurityKey $WO, array $io = array())
{
if (!($this->encryptedNameId === NULL)) {
goto mN;
}
return;
mN:
$OJ = SAMLSPUtilities::decryptElement($this->encryptedNameId, $WO, $io);
SAMLSPUtilities::getContainer()->debugMessage($OJ, "\x64\x65\x63\x72\x79\x70\164");
$this->nameId = SAMLSPUtilities::parseNameId($OJ);
$this->encryptedNameId = NULL;
}
public function decryptAttributes(XMLSecurityKey $WO, array $io = array())
{
if (!($this->encryptedAttribute === NULL)) {
goto rx;
}
return;
rx:
$ji = TRUE;
$QK = $this->encryptedAttribute;
foreach ($QK as $Yz) {
$V0 = SAMLSPUtilities::decryptElement($Yz->getElementsByTagName("\105\x6e\x63\162\x79\160\164\x65\144\x44\x61\x74\141")->item(0), $WO, $io);
if ($V0->hasAttribute("\x4e\x61\x6d\145")) {
goto mk;
}
throw new Exception("\x4d\151\x73\x73\151\156\x67\40\156\141\155\x65\x20\157\x6e\40\x3c\x73\x61\155\x6c\x3a\x41\x74\164\162\x69\142\x75\x74\145\76\x20\x65\154\145\155\145\156\x74\x2e");
mk:
$YB = $V0->getAttribute("\x4e\141\155\145");
if ($V0->hasAttribute("\116\141\x6d\x65\106\x6f\x72\155\x61\x74")) {
goto KK;
}
$rn = "\x75\162\156\x3a\x6f\x61\x73\151\x73\x3a\x6e\x61\x6d\x65\163\72\x74\x63\72\123\101\115\x4c\x3a\62\56\x30\72\x61\164\164\x72\156\x61\x6d\x65\x2d\146\157\x72\x6d\141\x74\x3a\x75\156\x73\160\145\143\x69\x66\x69\145\144";
goto NJ;
KK:
$rn = $V0->getAttribute("\116\141\x6d\x65\x46\x6f\162\155\x61\x74");
NJ:
if ($ji) {
goto ph;
}
if (!($this->nameFormat !== $rn)) {
goto KG;
}
$this->nameFormat = "\165\162\156\x3a\157\141\163\x69\163\x3a\156\141\x6d\145\163\72\x74\x63\x3a\123\101\x4d\114\72\62\56\60\x3a\x61\164\164\162\156\141\155\145\x2d\146\x6f\162\155\141\164\72\165\x6e\x73\x70\x65\x63\151\146\151\145\x64";
KG:
goto YZ;
ph:
$this->nameFormat = $rn;
$ji = FALSE;
YZ:
if (isset($this->attributes[$YB])) {
goto LP;
}
$this->attributes[$YB] = array();
LP:
$Yr = SAMLSPUtilities::xpQuery($V0, "\56\57\163\x61\x6d\x6c\x5f\141\x73\x73\145\x72\x74\x69\157\156\x3a\x41\164\x74\162\151\142\x75\x74\x65\x56\141\154\x75\145");
foreach ($Yr as $cK) {
$this->attributes[$YB][] = trim($cK->textContent);
Pd:
}
vc:
nv:
}
Rw:
}
public function getNotBefore()
{
return $this->notBefore;
}
public function setNotBefore($vN)
{
$this->notBefore = $vN;
}
public function getNotOnOrAfter()
{
return $this->notOnOrAfter;
}
public function setNotOnOrAfter($ef)
{
$this->notOnOrAfter = $ef;
}
public function setEncryptedAttributes($IN)
{
$this->requiredEncAttributes = $IN;
}
public function getValidAudiences()
{
return $this->validAudiences;
}
public function setValidAudiences(array $sQ = NULL)
{
$this->validAudiences = $sQ;
}
public function getAuthnInstant()
{
return $this->authnInstant;
}
public function setAuthnInstant($Rd)
{
$this->authnInstant = $Rd;
}
public function getSessionNotOnOrAfter()
{
return $this->sessionNotOnOrAfter;
}
public function setSessionNotOnOrAfter($Zm)
{
$this->sessionNotOnOrAfter = $Zm;
}
public function getSessionIndex()
{
return $this->sessionIndex;
}
public function setSessionIndex($VU)
{
$this->sessionIndex = $VU;
}
public function getAuthnContext()
{
if (empty($this->authnContextClassRef)) {
goto v5;
}
return $this->authnContextClassRef;
v5:
if (empty($this->authnContextDeclRef)) {
goto i4;
}
return $this->authnContextDeclRef;
i4:
return NULL;
}
public function setAuthnContext($Cb)
{
$this->setAuthnContextClassRef($Cb);
}
public function getAuthnContextClassRef()
{
return $this->authnContextClassRef;
}
public function setAuthnContextClassRef($uA)
{
$this->authnContextClassRef = $uA;
}
public function setAuthnContextDecl(SAML2_XML_Chunk $hv)
{
if (empty($this->authnContextDeclRef)) {
goto Hp;
}
throw new Exception("\101\x75\x74\150\156\103\x6f\x6e\x74\x65\170\164\x44\x65\143\x6c\x52\145\x66\40\151\163\40\x61\154\x72\145\141\144\171\40\162\145\x67\151\x73\x74\x65\x72\145\144\x21\x20\115\x61\x79\x20\157\x6e\x6c\x79\x20\150\141\166\145\40\145\x69\164\x68\145\x72\40\141\40\104\x65\x63\x6c\40\x6f\x72\x20\x61\x20\104\145\x63\154\x52\145\x66\54\40\x6e\157\x74\40\x62\157\164\x68\41");
Hp:
$this->authnContextDecl = $hv;
}
public function getAuthnContextDecl()
{
return $this->authnContextDecl;
}
public function setAuthnContextDeclRef($gB)
{
if (empty($this->authnContextDecl)) {
goto Q9;
}
throw new Exception("\101\x75\164\150\x6e\x43\157\156\164\x65\x78\164\x44\x65\143\x6c\40\151\x73\40\141\x6c\x72\x65\x61\144\x79\x20\162\x65\147\151\163\164\x65\x72\x65\144\x21\x20\x4d\141\171\x20\157\x6e\154\171\x20\x68\141\166\x65\40\145\151\164\150\x65\x72\x20\141\x20\x44\145\x63\154\40\x6f\x72\40\141\40\104\145\x63\x6c\122\145\x66\x2c\x20\x6e\x6f\x74\x20\142\157\x74\150\41");
Q9:
$this->authnContextDeclRef = $gB;
}
public function getAuthnContextDeclRef()
{
return $this->authnContextDeclRef;
}
public function getAuthenticatingAuthority()
{
return $this->AuthenticatingAuthority;
}
public function setAuthenticatingAuthority($ki)
{
$this->AuthenticatingAuthority = $ki;
}
public function getAttributes()
{
return $this->attributes;
}
public function setAttributes(array $QK)
{
$this->attributes = $QK;
}
public function getAttributeNameFormat()
{
return $this->nameFormat;
}
public function setAttributeNameFormat($rn)
{
$this->nameFormat = $rn;
}
public function getSubjectConfirmation()
{
return $this->SubjectConfirmation;
}
public function setSubjectConfirmation(array $XZ)
{
$this->SubjectConfirmation = $XZ;
}
public function getSignatureKey()
{
return $this->signatureKey;
}
public function setSignatureKey(XMLsecurityKey $Gc = NULL)
{
$this->signatureKey = $Gc;
}
public function getEncryptionKey()
{
return $this->encryptionKey;
}
public function setEncryptionKey(XMLSecurityKey $em = NULL)
{
$this->encryptionKey = $em;
}
public function setCertificates(array $mG)
{
$this->certificates = $mG;
}
public function getCertificates()
{
return $this->certificates;
}
public function getSignatureData()
{
return $this->signatureData;
}
public function getWasSignedAtConstruction()
{
return $this->wasSignedAtConstruction;
}
public function toXML(DOMNode $pR = NULL)
{
if ($pR === NULL) {
goto qG;
}
$HL = $pR->ownerDocument;
goto BZ;
qG:
$HL = new DOMDocument();
$pR = $HL;
BZ:
$Bf = $HL->createElementNS("\165\x72\x6e\x3a\157\x61\163\x69\163\72\x6e\x61\155\x65\x73\x3a\164\143\72\x53\x41\115\x4c\72\62\x2e\60\72\x61\x73\x73\145\162\164\151\x6f\156", "\163\x61\x6d\x6c\x3a" . "\101\x73\163\145\162\x74\x69\157\156");
$pR->appendChild($Bf);
$Bf->setAttributeNS("\165\162\156\72\x6f\141\163\x69\x73\72\156\x61\x6d\x65\163\72\164\x63\x3a\123\101\x4d\114\x3a\x32\x2e\x30\x3a\x70\x72\157\164\x6f\x63\157\x6c", "\163\x61\155\154\160\72\164\x6d\x70", "\164\x6d\160");
$Bf->removeAttributeNS("\x75\x72\156\x3a\157\x61\163\x69\x73\x3a\x6e\141\155\145\163\72\x74\x63\72\x53\101\x4d\x4c\72\62\x2e\60\x3a\x70\x72\157\164\x6f\x63\157\x6c", "\164\x6d\x70");
$Bf->setAttributeNS("\150\164\164\x70\x3a\x2f\x2f\x77\x77\x77\56\167\x33\56\x6f\x72\x67\57\x32\x30\60\x31\x2f\130\x4d\x4c\x53\x63\150\x65\155\141\55\x69\156\x73\164\x61\156\x63\145", "\x78\x73\151\72\164\x6d\x70", "\x74\155\x70");
$Bf->removeAttributeNS("\150\164\164\x70\72\x2f\57\167\167\x77\56\x77\x33\56\x6f\x72\x67\57\x32\x30\x30\61\57\130\x4d\x4c\123\x63\x68\x65\x6d\x61\55\x69\156\x73\164\x61\156\143\145", "\164\x6d\x70");
$Bf->setAttributeNS("\150\x74\164\160\x3a\57\57\167\x77\x77\x2e\167\x33\56\x6f\162\x67\x2f\62\x30\60\x31\x2f\x58\115\x4c\123\x63\x68\145\155\141", "\170\163\72\x74\155\x70", "\x74\155\160");
$Bf->removeAttributeNS("\150\164\164\160\72\x2f\x2f\167\x77\167\56\x77\x33\x2e\x6f\162\147\57\62\60\x30\61\x2f\130\x4d\x4c\123\x63\x68\x65\155\x61", "\x74\155\160");
$Bf->setAttribute("\x49\x44", $this->id);
$Bf->setAttribute("\x56\145\162\163\x69\157\x6e", "\x32\56\60");
$Bf->setAttribute("\111\x73\163\165\x65\111\156\x73\x74\x61\x6e\x74", gmdate("\x59\55\x6d\55\x64\134\x54\110\x3a\x69\x3a\x73\x5c\x5a", $this->issueInstant));
$Ai = SAMLSPUtilities::addString($Bf, "\x75\x72\x6e\72\x6f\141\163\x69\163\x3a\156\141\155\x65\x73\x3a\x74\x63\72\123\x41\x4d\x4c\72\62\56\60\72\141\x73\x73\x65\162\164\x69\157\156", "\163\x61\x6d\154\x3a\111\x73\x73\165\x65\x72", $this->issuer);
$this->addSubject($Bf);
$this->addConditions($Bf);
$this->addAuthnStatement($Bf);
if ($this->requiredEncAttributes == FALSE) {
goto x7;
}
$this->addEncryptedAttributeStatement($Bf);
goto kN;
x7:
$this->addAttributeStatement($Bf);
kN:
if (!($this->signatureKey !== NULL)) {
goto p_;
}
SAMLSPUtilities::insertSignature($this->signatureKey, $this->certificates, $Bf, $Ai->nextSibling);
p_:
return $Bf;
}
private function addSubject(DOMElement $Bf)
{
if (!($this->nameId === NULL && $this->encryptedNameId === NULL)) {
goto sR;
}
return;
sR:
$Ja = $Bf->ownerDocument->createElementNS("\x75\x72\x6e\72\157\141\163\x69\163\72\x6e\141\155\x65\163\72\164\143\x3a\x53\x41\115\114\72\x32\56\60\x3a\x61\163\163\x65\x72\x74\x69\x6f\x6e", "\163\141\155\x6c\x3a\123\165\x62\x6a\x65\x63\x74");
$Bf->appendChild($Ja);
if ($this->encryptedNameId === NULL) {
goto Ex;
}
$Vr = $Ja->ownerDocument->createElementNS("\165\x72\156\x3a\157\x61\163\x69\x73\x3a\x6e\x61\155\145\x73\x3a\x74\x63\72\123\101\115\x4c\x3a\x32\56\60\x3a\141\x73\x73\x65\162\164\151\157\156", "\x73\x61\x6d\154\x3a" . "\x45\156\x63\x72\171\x70\164\145\x64\111\x44");
$Ja->appendChild($Vr);
$Vr->appendChild($Ja->ownerDocument->importNode($this->encryptedNameId, TRUE));
goto vy;
Ex:
SAMLSPUtilities::addNameId($Ja, $this->nameId);
vy:
foreach ($this->SubjectConfirmation as $h9) {
$h9->toXML($Ja);
Xq:
}
rh:
}
private function addConditions(DOMElement $Bf)
{
$HL = $Bf->ownerDocument;
$Bc = $HL->createElementNS("\x75\162\x6e\72\157\x61\x73\x69\163\72\x6e\x61\x6d\x65\x73\x3a\x74\x63\72\x53\x41\115\114\72\62\56\x30\72\141\x73\163\x65\x72\164\x69\x6f\156", "\163\x61\155\x6c\x3a\x43\157\x6e\144\x69\164\151\x6f\156\163");
$Bf->appendChild($Bc);
if (!($this->notBefore !== NULL)) {
goto tS;
}
$Bc->setAttribute("\x4e\157\164\102\x65\146\x6f\162\x65", gmdate("\131\55\155\x2d\x64\134\124\110\x3a\151\x3a\x73\x5c\132", $this->notBefore));
tS:
if (!($this->notOnOrAfter !== NULL)) {
goto Po;
}
$Bc->setAttribute("\x4e\x6f\164\117\x6e\117\x72\x41\146\x74\145\162", gmdate("\x59\x2d\155\55\144\134\x54\110\72\x69\72\x73\x5c\x5a", $this->notOnOrAfter));
Po:
if (!($this->validAudiences !== NULL)) {
goto vG;
}
$za = $HL->createElementNS("\165\x72\x6e\x3a\x6f\141\163\151\x73\72\156\141\155\145\x73\72\164\143\72\x53\101\x4d\x4c\72\x32\x2e\60\x3a\x61\163\163\145\162\x74\151\157\156", "\163\141\x6d\x6c\72\101\165\x64\x69\145\x6e\x63\x65\122\x65\x73\164\162\x69\x63\164\151\x6f\156");
$Bc->appendChild($za);
SAMLSPUtilities::addStrings($za, "\x75\x72\x6e\x3a\157\141\163\151\163\x3a\x6e\x61\155\145\163\72\164\143\x3a\x53\x41\x4d\114\x3a\62\56\x30\x3a\x61\x73\x73\x65\x72\164\151\x6f\x6e", "\163\141\x6d\x6c\72\x41\x75\144\x69\x65\x6e\143\x65", FALSE, $this->validAudiences);
vG:
}
private function addAuthnStatement(DOMElement $Bf)
{
if (!($this->authnInstant === NULL || $this->authnContextClassRef === NULL && $this->authnContextDecl === NULL && $this->authnContextDeclRef === NULL)) {
goto v2;
}
return;
v2:
$HL = $Bf->ownerDocument;
$fb = $HL->createElementNS("\x75\x72\x6e\72\157\141\163\151\x73\x3a\x6e\141\x6d\x65\163\x3a\x74\143\72\x53\x41\x4d\x4c\x3a\62\x2e\60\x3a\141\163\x73\x65\162\x74\x69\x6f\x6e", "\x73\141\x6d\154\72\101\165\x74\150\x6e\123\x74\141\164\145\x6d\145\x6e\164");
$Bf->appendChild($fb);
$fb->setAttribute("\x41\x75\x74\150\x6e\x49\156\163\x74\141\x6e\164", gmdate("\x59\x2d\x6d\55\144\134\124\x48\72\151\72\163\134\x5a", $this->authnInstant));
if (!($this->sessionNotOnOrAfter !== NULL)) {
goto EL;
}
$fb->setAttribute("\x53\x65\163\163\151\x6f\x6e\116\x6f\164\x4f\156\117\162\x41\x66\164\145\x72", gmdate("\x59\55\155\x2d\x64\x5c\x54\110\x3a\151\72\163\x5c\132", $this->sessionNotOnOrAfter));
EL:
if (!($this->sessionIndex !== NULL)) {
goto yr;
}
$fb->setAttribute("\123\145\163\163\x69\x6f\x6e\111\x6e\x64\x65\170", $this->sessionIndex);
yr:
$Yc = $HL->createElementNS("\165\x72\x6e\72\157\141\x73\x69\163\72\x6e\141\155\x65\x73\x3a\x74\x63\x3a\x53\x41\x4d\114\72\62\56\x30\72\141\163\x73\145\x72\x74\x69\x6f\x6e", "\x73\141\x6d\154\72\x41\165\164\x68\x6e\103\x6f\156\164\145\x78\x74");
$fb->appendChild($Yc);
if (empty($this->authnContextClassRef)) {
goto Bz;
}
SAMLSPUtilities::addString($Yc, "\x75\x72\156\x3a\157\x61\163\151\x73\72\156\141\155\145\163\x3a\x74\143\x3a\x53\x41\x4d\114\72\62\x2e\60\x3a\x61\x73\163\x65\x72\x74\x69\157\156", "\163\141\x6d\x6c\x3a\101\165\164\x68\156\x43\x6f\156\x74\145\170\x74\x43\x6c\x61\x73\163\x52\x65\x66", $this->authnContextClassRef);
Bz:
if (empty($this->authnContextDecl)) {
goto kk;
}
$this->authnContextDecl->toXML($Yc);
kk:
if (empty($this->authnContextDeclRef)) {
goto bm;
}
SAMLSPUtilities::addString($Yc, "\x75\162\x6e\x3a\157\x61\163\151\163\72\x6e\141\x6d\145\x73\72\x74\x63\72\123\101\115\x4c\72\x32\56\x30\72\x61\163\163\x65\x72\x74\151\x6f\156", "\163\x61\x6d\x6c\72\x41\x75\x74\x68\156\x43\x6f\156\164\145\170\164\104\145\143\x6c\x52\145\146", $this->authnContextDeclRef);
bm:
SAMLSPUtilities::addStrings($Yc, "\x75\x72\156\72\x6f\x61\163\x69\163\72\x6e\x61\155\145\163\x3a\164\x63\x3a\x53\x41\115\114\x3a\62\x2e\60\x3a\141\163\x73\145\x72\x74\151\157\x6e", "\163\141\x6d\154\x3a\x41\165\x74\150\145\x6e\164\x69\143\x61\164\151\156\147\101\165\x74\150\157\x72\x69\164\171", FALSE, $this->AuthenticatingAuthority);
}
private function addAttributeStatement(DOMElement $Bf)
{
if (!empty($this->attributes)) {
goto R9;
}
return;
R9:
$HL = $Bf->ownerDocument;
$dB = $HL->createElementNS("\x75\x72\x6e\72\157\x61\x73\x69\x73\x3a\x6e\141\155\x65\x73\72\164\x63\72\x53\x41\x4d\114\x3a\x32\56\60\x3a\x61\163\163\x65\x72\x74\151\x6f\x6e", "\163\x61\155\x6c\x3a\101\x74\x74\x72\151\142\165\164\145\x53\164\141\x74\145\155\145\156\164");
$Bf->appendChild($dB);
foreach ($this->attributes as $YB => $Yr) {
$V0 = $HL->createElementNS("\x75\162\156\72\x6f\141\163\151\x73\x3a\x6e\141\x6d\x65\x73\x3a\x74\143\x3a\123\101\x4d\x4c\x3a\62\56\60\x3a\141\x73\163\x65\162\x74\151\157\x6e", "\163\141\155\154\x3a\x41\x74\164\x72\151\x62\x75\164\145");
$dB->appendChild($V0);
$V0->setAttribute("\x4e\x61\x6d\x65", $YB);
if (!($this->nameFormat !== "\x75\162\x6e\x3a\157\141\x73\151\x73\72\156\141\155\145\x73\72\164\143\72\123\101\115\114\x3a\62\x2e\60\x3a\x61\164\x74\x72\156\141\x6d\x65\x2d\x66\x6f\162\155\141\164\72\x75\x6e\163\x70\x65\143\151\146\151\x65\144")) {
goto mL;
}
$V0->setAttribute("\116\141\x6d\x65\106\157\x72\155\x61\x74", $this->nameFormat);
mL:
foreach ($Yr as $cK) {
if (is_string($cK)) {
goto dr;
}
if (is_int($cK)) {
goto mR;
}
$YE = NULL;
goto T2;
dr:
$YE = "\170\163\x3a\x73\x74\x72\x69\156\x67";
goto T2;
mR:
$YE = "\x78\163\x3a\151\156\x74\x65\x67\145\162";
T2:
$uQ = $HL->createElementNS("\x75\162\156\x3a\157\141\163\151\163\72\156\x61\x6d\x65\x73\x3a\x74\x63\x3a\x53\x41\x4d\114\x3a\62\56\x30\x3a\x61\x73\x73\145\x72\164\x69\x6f\x6e", "\x73\141\155\x6c\72\x41\x74\x74\x72\151\142\x75\164\145\126\x61\x6c\x75\145");
$V0->appendChild($uQ);
if (!($YE !== NULL)) {
goto cX;
}
$uQ->setAttributeNS("\150\164\x74\x70\x3a\x2f\57\167\x77\167\x2e\167\63\x2e\x6f\x72\147\x2f\x32\60\60\61\57\x58\x4d\114\123\x63\150\145\155\141\55\151\x6e\163\164\x61\x6e\143\x65", "\170\x73\151\72\x74\171\160\x65", $YE);
cX:
if (!is_null($cK)) {
goto oM;
}
$uQ->setAttributeNS("\x68\164\x74\x70\x3a\57\57\167\167\x77\x2e\167\63\x2e\157\x72\x67\x2f\x32\60\60\61\x2f\x58\115\x4c\123\143\x68\145\x6d\x61\55\151\x6e\163\x74\141\156\x63\x65", "\x78\163\151\x3a\x6e\x69\x6c", "\x74\x72\x75\145");
oM:
if ($cK instanceof DOMNodeList) {
goto qA;
}
$uQ->appendChild($HL->createTextNode($cK));
goto wh;
qA:
$lw = 0;
yg:
if (!($lw < $cK->length)) {
goto bD;
}
$Kp = $HL->importNode($cK->item($lw), TRUE);
$uQ->appendChild($Kp);
HF:
$lw++;
goto yg;
bD:
wh:
eS:
}
Xd:
Zj:
}
Tn:
}
private function addEncryptedAttributeStatement(DOMElement $Bf)
{
if (!($this->requiredEncAttributes == FALSE)) {
goto fQ;
}
return;
fQ:
$HL = $Bf->ownerDocument;
$dB = $HL->createElementNS("\165\162\156\x3a\x6f\141\x73\151\x73\72\x6e\141\155\x65\x73\x3a\x74\143\72\123\x41\x4d\x4c\72\62\x2e\x30\x3a\141\x73\x73\145\162\164\151\157\156", "\163\141\x6d\x6c\x3a\101\x74\x74\162\x69\142\x75\164\x65\x53\x74\x61\164\145\x6d\x65\x6e\164");
$Bf->appendChild($dB);
foreach ($this->attributes as $YB => $Yr) {
$PN = new DOMDocument();
$V0 = $PN->createElementNS("\x75\162\x6e\x3a\157\x61\x73\151\163\x3a\156\141\155\x65\163\72\164\143\x3a\x53\x41\x4d\114\x3a\x32\x2e\x30\x3a\141\x73\x73\145\162\164\x69\x6f\156", "\x73\x61\x6d\154\72\101\164\164\x72\151\142\x75\164\145");
$V0->setAttribute("\116\x61\155\x65", $YB);
$PN->appendChild($V0);
if (!($this->nameFormat !== "\165\162\x6e\x3a\x6f\x61\163\151\163\72\x6e\141\155\145\163\72\x74\143\72\x53\x41\115\114\x3a\x32\x2e\x30\x3a\141\x74\164\162\x6e\141\155\145\55\x66\157\162\155\x61\x74\72\165\156\163\160\145\x63\151\146\151\145\144")) {
goto DV;
}
$V0->setAttribute("\116\141\155\x65\106\x6f\162\155\x61\164", $this->nameFormat);
DV:
foreach ($Yr as $cK) {
if (is_string($cK)) {
goto u9;
}
if (is_int($cK)) {
goto q0;
}
$YE = NULL;
goto xm;
u9:
$YE = "\x78\163\72\x73\x74\162\x69\x6e\147";
goto xm;
q0:
$YE = "\170\163\72\151\156\x74\145\x67\x65\x72";
xm:
$uQ = $PN->createElementNS("\x75\162\x6e\72\x6f\141\x73\151\163\x3a\x6e\141\x6d\145\x73\x3a\x74\x63\72\123\x41\115\x4c\72\62\x2e\60\72\141\163\x73\x65\162\x74\151\157\x6e", "\163\141\x6d\154\72\x41\164\164\162\x69\142\165\164\145\126\141\154\165\145");
$V0->appendChild($uQ);
if (!($YE !== NULL)) {
goto Nt;
}
$uQ->setAttributeNS("\150\164\164\x70\72\x2f\57\167\x77\x77\x2e\x77\x33\x2e\157\162\147\57\x32\x30\60\x31\57\130\x4d\114\x53\x63\x68\145\x6d\141\55\151\x6e\163\164\141\156\143\x65", "\170\x73\x69\72\x74\171\x70\x65", $YE);
Nt:
if ($cK instanceof DOMNodeList) {
goto ZY;
}
$uQ->appendChild($PN->createTextNode($cK));
goto uy;
ZY:
$lw = 0;
iY:
if (!($lw < $cK->length)) {
goto QJ;
}
$Kp = $PN->importNode($cK->item($lw), TRUE);
$uQ->appendChild($Kp);
oh:
$lw++;
goto iY;
QJ:
uy:
RV:
}
u7:
$u_ = new XMLSecEnc();
$u_->setNode($PN->documentElement);
$u_->type = "\150\164\164\160\72\x2f\x2f\167\167\x77\56\167\63\x2e\x6f\162\x67\x2f\62\60\x30\61\x2f\60\64\x2f\170\155\x6c\145\x6e\x63\43\x45\154\145\x6d\x65\156\x74";
$Z3 = new XMLSecurityKey(XMLSecurityKey::AES256_CBC);
$Z3->generateSessionKey();
$u_->encryptKey($this->encryptionKey, $Z3);
$rK = $u_->encryptNode($Z3);
$Ve = $HL->createElementNS("\x75\162\x6e\72\x6f\141\163\x69\x73\72\156\141\155\145\x73\72\x74\x63\72\123\101\x4d\114\x3a\62\x2e\x30\72\x61\x73\163\145\162\x74\x69\x6f\156", "\163\141\x6d\x6c\x3a\x45\x6e\x63\162\x79\160\164\145\144\x41\164\164\x72\151\142\165\164\x65");
$dB->appendChild($Ve);
$Lk = $HL->importNode($rK, TRUE);
$Ve->appendChild($Lk);
Xw:
}
yV:
}
public function getPrivateKeyUrl()
{
return $this->privateKeyUrl;
}
public function setPrivateKeyUrl($NI)
{
$this->privateKeyUrl = $NI;
}
}<?php
include_once 'Utilities.php';
include_once 'xmlseclibs.php';
use RobRichards\XMLSecLibs\XMLSecurityKey;
use RobRichards\XMLSecLibs\XMLSecurityDSig;
use RobRichards\XMLSecLibs\XMLSecEnc;
class SAML2SPAssertion
{
private $id;
private $issueInstant;
private $issuer;
private $nameId;
private $encryptedNameId;
private $encryptedAttribute;
private $encryptionKey;
private $notBefore;
private $notOnOrAfter;
private $validAudiences;
private $sessionNotOnOrAfter;
private $sessionIndex;
private $authnInstant;
private $authnContextClassRef;
private $authnContextDecl;
private $authnContextDeclRef;
private $AuthenticatingAuthority;
private $attributes;
private $nameFormat;
private $signatureKey;
private $certificates;
private $signatureData;
private $requiredEncAttributes;
private $SubjectConfirmation;
private $privateKeyUrl;
protected $wasSignedAtConstruction = FALSE;
public function __construct(DOMElement $l3 = NULL, $NI)
{
$this->id = SAMLSPUtilities::generateId();
$this->issueInstant = SAMLSPUtilities::generateTimestamp();
$this->issuer = '';
$this->authnInstant = SAMLSPUtilities::generateTimestamp();
$this->attributes = array();
$this->nameFormat = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified";
$this->certificates = array();
$this->AuthenticatingAuthority = array();
$this->SubjectConfirmation = array();
if (!($l3 === NULL)) {
if (!($l3->localName === "EncryptedAssertion")) {
goto yj;
}
$h4 = SAMLSPUtilities::xpQuery($l3, "./xenc:EncryptedData");
$N2 = SAMLSPUtilities::xpQuery($l3, "//*[local-name()='EncryptedKey']/*[local-name()='EncryptionMethod']/@Algorithm");
$u0 = $N2[0]->value;
$yu = SAMLSPUtilities::getEncryptionAlgorithm($u0);
if (count($h4) === 0) {
throw new Exception("Missing encrypted data in <saml:EncryptedAssertion>.");
}
if (count($h4) > 1) {
throw new Exception("More than one encrypted data element in <saml:EncryptedAssertion>.");
}
$WO = new XMLSecurityKey($yu, array("type" => "private"));
$WO->loadKey($NI, FALSE);
$io = array();
$l3 = SAMLSPUtilities::decryptElement($h4[0], $WO, $io);
yj:
if ($l3->hasAttribute("ID")) {
$this->id = $l3->getAttribute("ID");
if (!($l3->getAttribute("Version") !== "2.0")) {
$this->issueInstant = SAMLSPUtilities::xsDateTimeToTimestamp($l3->getAttribute("IssueInstant"));
$Ai = SAMLSPUtilities::xpQuery($l3, "./saml_assertion:Issuer");
if (!empty($Ai)) {
$this->issuer = trim($Ai[0]->textContent);
$this->parseConditions($l3);
$this->parseAuthnStatement($l3);
$this->parseAttributes($l3);
$this->parseEncryptedAttributes($l3);
$this->parseSignature($l3);
$this->parseSubject($l3);
// [PHPDeobfuscator] Implied return
return;
}
throw new Exception("Missing <saml:Issuer> in assertion.");
}
throw new Exception("Unsupported version: " . $l3->getAttribute("Version"));
}
throw new Exception("Missing ID attribute on SAML assertion.");
}
return;
}
private function parseSubject(DOMElement $l3)
{
$Ja = SAMLSPUtilities::xpQuery($l3, "./saml_assertion:Subject");
if (empty($Ja)) {
return;
}
if (count($Ja) > 1) {
throw new Exception("More than one <saml:Subject> in <saml:Assertion>.");
}
$Ja = $Ja[0];
$OJ = SAMLSPUtilities::xpQuery($Ja, "./saml_assertion:NameID | ./saml_assertion:EncryptedID/xenc:EncryptedData");
if (empty($OJ)) {
$tr = $_POST["RelayState"];
if ($tr == "testValidate" or $tr == "testNewCertificate") {
echo "<div style=\"font-family:Calibri;padding:0 3%;\">";
echo "<div style=\"color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;\"> ERROR</div>\n <div style=\"color: #a94442;font-size:14pt; margin-bottom:20px;\"><p><strong>Error: </strong>Missing NameID or EncryptedID in SAML Response.</p>\n <p>Please contact your administrator and report the following error:</p>\n <p><strong>Possible Cause:</strong> NameID not found in SAML Response subject.</p>\n </div>\n <div style=\"margin:3%;display:block;text-align:center;\">\n <div style=\"margin:3%;display:block;text-align:center;\"><input style=\"padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;\"type=\"button\" value=\"Done\" onClick=\"self.close();\"></div>";
exit;
}
wp_die("We could not sign you in. Please contact your administrator");
goto zV;
}
if (count($OJ) > 1) {
throw new Exception("More than one <saml:NameID> or <saml:EncryptedD> in <saml:Subject>.");
}
zV:
$OJ = $OJ[0];
if ($OJ->localName === "EncryptedData") {
$this->encryptedNameId = $OJ;
// [PHPDeobfuscator] Implied goto
goto ia;
}
$this->nameId = SAMLSPUtilities::parseNameId($OJ);
ia:
}
private function parseConditions(DOMElement $l3)
{
$Bc = SAMLSPUtilities::xpQuery($l3, "./saml_assertion:Conditions");
if (empty($Bc)) {
return;
}
if (count($Bc) > 1) {
throw new Exception("More than one <saml:Conditions> in <saml:Assertion>.");
}
$Bc = $Bc[0];
if (!$Bc->hasAttribute("NotBefore")) {
goto S9;
}
$vN = SAMLSPUtilities::xsDateTimeToTimestamp($Bc->getAttribute("NotBefore"));
if (!($this->notBefore === NULL || $this->notBefore < $vN)) {
goto DG;
}
$this->notBefore = $vN;
DG:
S9:
if (!$Bc->hasAttribute("NotOnOrAfter")) {
goto fR;
}
$ef = SAMLSPUtilities::xsDateTimeToTimestamp($Bc->getAttribute("NotOnOrAfter"));
if (!($this->notOnOrAfter === NULL || $this->notOnOrAfter > $ef)) {
goto sz;
}
$this->notOnOrAfter = $ef;
sz:
fR:
$Kp = $Bc->firstChild;
qE:
if (!($Kp !== NULL)) {
// [PHPDeobfuscator] Implied return
return;
}
if (!$Kp instanceof DOMText) {
if (!($Kp->namespaceURI !== "urn:oasis:names:tc:SAML:2.0:assertion")) {
switch ($Kp->localName) {
case "AudienceRestriction":
$lQ = SAMLSPUtilities::extractStrings($Kp, "urn:oasis:names:tc:SAML:2.0:assertion", "Audience");
if ($this->validAudiences === NULL) {
$this->validAudiences = $lQ;
// [PHPDeobfuscator] Implied goto
goto cz;
}
$this->validAudiences = array_intersect($this->validAudiences, $lQ);
cz:
goto Lu;
case "OneTimeUse":
goto Lu;
case "ProxyRestriction":
goto Lu;
default:
throw new Exception("Unknown condition: " . var_export($Kp->localName, TRUE));
}
// [PHPDeobfuscator] Implied goto
goto UE;
}
throw new Exception("Unknown namespace of condition: " . var_export($Kp->namespaceURI, TRUE));
}
UE:
Lu:
$Kp = $Kp->nextSibling;
goto qE;
}
private function parseAuthnStatement(DOMElement $l3)
{
$FZ = SAMLSPUtilities::xpQuery($l3, "./saml_assertion:AuthnStatement");
if (empty($FZ)) {
$this->authnInstant = NULL;
return;
}
if (count($FZ) > 1) {
throw new Exception("More that one <saml:AuthnStatement> in <saml:Assertion> not supported.");
}
$rW = $FZ[0];
if ($rW->hasAttribute("AuthnInstant")) {
$this->authnInstant = SAMLSPUtilities::xsDateTimeToTimestamp($rW->getAttribute("AuthnInstant"));
if (!$rW->hasAttribute("SessionNotOnOrAfter")) {
goto Xe;
}
$this->sessionNotOnOrAfter = SAMLSPUtilities::xsDateTimeToTimestamp($rW->getAttribute("SessionNotOnOrAfter"));
Xe:
if (!$rW->hasAttribute("SessionIndex")) {
goto KS;
}
$this->sessionIndex = $rW->getAttribute("SessionIndex");
KS:
$this->parseAuthnContext($rW);
// [PHPDeobfuscator] Implied return
return;
}
throw new Exception("Missing required AuthnInstant attribute on <saml:AuthnStatement>.");
}
private function parseAuthnContext(DOMElement $fb)
{
$x7 = SAMLSPUtilities::xpQuery($fb, "./saml_assertion:AuthnContext");
if (count($x7) > 1) {
throw new Exception("More than one <saml:AuthnContext> in <saml:AuthnStatement>.");
}
if (empty($x7)) {
throw new Exception("Missing required <saml:AuthnContext> in <saml:AuthnStatement>.");
}
$Yc = $x7[0];
$PX = SAMLSPUtilities::xpQuery($Yc, "./saml_assertion:AuthnContextDeclRef");
if (count($PX) > 1) {
throw new Exception("More than one <saml:AuthnContextDeclRef> found?");
}
if (count($PX) === 1) {
$this->setAuthnContextDeclRef(trim($PX[0]->textContent));
// [PHPDeobfuscator] Implied goto
goto QK;
}
QK:
$Ab = SAMLSPUtilities::xpQuery($Yc, "./saml_assertion:AuthnContextDecl");
if (count($Ab) > 1) {
throw new Exception("More than one <saml:AuthnContextDecl> found?");
}
if (count($Ab) === 1) {
$this->setAuthnContextDecl(new SAML2_XML_Chunk($Ab[0]));
// [PHPDeobfuscator] Implied goto
goto Tt;
}
Tt:
$JG = SAMLSPUtilities::xpQuery($Yc, "./saml_assertion:AuthnContextClassRef");
if (count($JG) > 1) {
throw new Exception("More than one <saml:AuthnContextClassRef> in <saml:AuthnContext>.");
}
if (count($JG) === 1) {
$this->setAuthnContextClassRef(trim($JG[0]->textContent));
// [PHPDeobfuscator] Implied goto
goto vj;
}
vj:
if (!(empty($this->authnContextClassRef) && empty($this->authnContextDecl) && empty($this->authnContextDeclRef))) {
$this->AuthenticatingAuthority = SAMLSPUtilities::extractStrings($Yc, "urn:oasis:names:tc:SAML:2.0:assertion", "AuthenticatingAuthority");
// [PHPDeobfuscator] Implied return
return;
}
throw new Exception("Missing either <saml:AuthnContextClassRef> or <saml:AuthnContextDeclRef> or <saml:AuthnContextDecl>");
}
private function parseAttributes(DOMElement $l3)
{
$ji = TRUE;
$QK = SAMLSPUtilities::xpQuery($l3, "./saml_assertion:AttributeStatement/saml_assertion:Attribute");
foreach ($QK as $V0) {
if ($V0->hasAttribute("Name")) {
$YB = $V0->getAttribute("Name");
if ($V0->hasAttribute("NameFormat")) {
$rn = $V0->getAttribute("NameFormat");
// [PHPDeobfuscator] Implied goto
goto B0;
}
$rn = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified";
B0:
if ($ji) {
$this->nameFormat = $rn;
$ji = FALSE;
// [PHPDeobfuscator] Implied goto
goto x8;
}
if (!($this->nameFormat !== $rn)) {
goto ge;
}
$this->nameFormat = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified";
ge:
x8:
if (isset($this->attributes[$YB])) {
goto DX;
}
$this->attributes[$YB] = array();
DX:
$Yr = SAMLSPUtilities::xpQuery($V0, "./saml_assertion:AttributeValue");
foreach ($Yr as $cK) {
$this->attributes[$YB][] = trim($cK->textContent);
}
}
throw new Exception("Missing name on <saml:Attribute> element.");
}
}
private function parseEncryptedAttributes(DOMElement $l3)
{
$this->encryptedAttribute = SAMLSPUtilities::xpQuery($l3, "./saml_assertion:AttributeStatement/saml_assertion:EncryptedAttribute");
}
private function parseSignature(DOMElement $l3)
{
$rl = SAMLSPUtilities::validateElement($l3);
if (!($rl !== FALSE)) {
goto Dm;
}
$this->wasSignedAtConstruction = TRUE;
$this->certificates = $rl["Certificates"];
$this->signatureData = $rl;
Dm:
}
public function validate(XMLSecurityKey $WO)
{
if (!($this->signatureData === NULL)) {
SAMLSPUtilities::validateSignature($this->signatureData, $WO);
return TRUE;
}
return FALSE;
}
public function getId()
{
return $this->id;
}
public function setId($It)
{
$this->id = $It;
}
public function getIssueInstant()
{
return $this->issueInstant;
}
public function setIssueInstant($kC)
{
$this->issueInstant = $kC;
}
public function getIssuer()
{
return $this->issuer;
}
public function setIssuer($Ai)
{
$this->issuer = $Ai;
}
public function getNameId()
{
if (!($this->encryptedNameId !== NULL)) {
return $this->nameId;
}
throw new Exception("Attempted to retrieve encrypted NameID without decrypting it first.");
}
public function setNameId($OJ)
{
$this->nameId = $OJ;
}
public function isNameIdEncrypted()
{
if (!($this->encryptedNameId !== NULL)) {
return FALSE;
}
return TRUE;
}
public function encryptNameId(XMLSecurityKey $WO)
{
$ik = new DOMDocument();
$Bf = $ik->createElement("root");
$ik->appendChild($Bf);
SAMLSPUtilities::addNameId($Bf, $this->nameId);
$OJ = $Bf->firstChild;
SAMLSPUtilities::getContainer()->debugMessage($OJ, "encrypt");
$NA = new XMLSecEnc();
$NA->setNode($OJ);
$NA->type = XMLSecEnc::Element;
$Z3 = new XMLSecurityKey(XMLSecurityKey::AES128_CBC);
$Z3->generateSessionKey();
$NA->encryptKey($WO, $Z3);
$this->encryptedNameId = $NA->encryptNode($Z3);
$this->nameId = NULL;
}
public function decryptNameId(XMLSecurityKey $WO, array $io = array())
{
if (!($this->encryptedNameId === NULL)) {
$OJ = SAMLSPUtilities::decryptElement($this->encryptedNameId, $WO, $io);
SAMLSPUtilities::getContainer()->debugMessage($OJ, "decrypt");
$this->nameId = SAMLSPUtilities::parseNameId($OJ);
$this->encryptedNameId = NULL;
// [PHPDeobfuscator] Implied return
return;
}
return;
}
public function decryptAttributes(XMLSecurityKey $WO, array $io = array())
{
if (!($this->encryptedAttribute === NULL)) {
$ji = TRUE;
$QK = $this->encryptedAttribute;
foreach ($QK as $Yz) {
$V0 = SAMLSPUtilities::decryptElement($Yz->getElementsByTagName("EncryptedData")->item(0), $WO, $io);
if ($V0->hasAttribute("Name")) {
$YB = $V0->getAttribute("Name");
if ($V0->hasAttribute("NameFormat")) {
$rn = $V0->getAttribute("NameFormat");
// [PHPDeobfuscator] Implied goto
goto NJ;
}
$rn = "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified";
NJ:
if ($ji) {
$this->nameFormat = $rn;
$ji = FALSE;
// [PHPDeobfuscator] Implied goto
goto YZ;
}
if (!($this->nameFormat !== $rn)) {
goto KG;
}
$this->nameFormat = "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified";
KG:
YZ:
if (isset($this->attributes[$YB])) {
goto LP;
}
$this->attributes[$YB] = array();
LP:
$Yr = SAMLSPUtilities::xpQuery($V0, "./saml_assertion:AttributeValue");
foreach ($Yr as $cK) {
$this->attributes[$YB][] = trim($cK->textContent);
}
}
throw new Exception("Missing name on <saml:Attribute> element.");
}
// [PHPDeobfuscator] Implied return
return;
}
return;
}
public function getNotBefore()
{
return $this->notBefore;
}
public function setNotBefore($vN)
{
$this->notBefore = $vN;
}
public function getNotOnOrAfter()
{
return $this->notOnOrAfter;
}
public function setNotOnOrAfter($ef)
{
$this->notOnOrAfter = $ef;
}
public function setEncryptedAttributes($IN)
{
$this->requiredEncAttributes = $IN;
}
public function getValidAudiences()
{
return $this->validAudiences;
}
public function setValidAudiences(array $sQ = NULL)
{
$this->validAudiences = $sQ;
}
public function getAuthnInstant()
{
return $this->authnInstant;
}
public function setAuthnInstant($Rd)
{
$this->authnInstant = $Rd;
}
public function getSessionNotOnOrAfter()
{
return $this->sessionNotOnOrAfter;
}
public function setSessionNotOnOrAfter($Zm)
{
$this->sessionNotOnOrAfter = $Zm;
}
public function getSessionIndex()
{
return $this->sessionIndex;
}
public function setSessionIndex($VU)
{
$this->sessionIndex = $VU;
}
public function getAuthnContext()
{
if (empty($this->authnContextClassRef)) {
if (empty($this->authnContextDeclRef)) {
return NULL;
}
return $this->authnContextDeclRef;
}
return $this->authnContextClassRef;
}
public function setAuthnContext($Cb)
{
$this->setAuthnContextClassRef($Cb);
}
public function getAuthnContextClassRef()
{
return $this->authnContextClassRef;
}
public function setAuthnContextClassRef($uA)
{
$this->authnContextClassRef = $uA;
}
public function setAuthnContextDecl(SAML2_XML_Chunk $hv)
{
if (empty($this->authnContextDeclRef)) {
$this->authnContextDecl = $hv;
// [PHPDeobfuscator] Implied return
return;
}
throw new Exception("AuthnContextDeclRef is already registered! May only have either a Decl or a DeclRef, not both!");
}
public function getAuthnContextDecl()
{
return $this->authnContextDecl;
}
public function setAuthnContextDeclRef($gB)
{
if (empty($this->authnContextDecl)) {
$this->authnContextDeclRef = $gB;
// [PHPDeobfuscator] Implied return
return;
}
throw new Exception("AuthnContextDecl is already registered! May only have either a Decl or a DeclRef, not both!");
}
public function getAuthnContextDeclRef()
{
return $this->authnContextDeclRef;
}
public function getAuthenticatingAuthority()
{
return $this->AuthenticatingAuthority;
}
public function setAuthenticatingAuthority($ki)
{
$this->AuthenticatingAuthority = $ki;
}
public function getAttributes()
{
return $this->attributes;
}
public function setAttributes(array $QK)
{
$this->attributes = $QK;
}
public function getAttributeNameFormat()
{
return $this->nameFormat;
}
public function setAttributeNameFormat($rn)
{
$this->nameFormat = $rn;
}
public function getSubjectConfirmation()
{
return $this->SubjectConfirmation;
}
public function setSubjectConfirmation(array $XZ)
{
$this->SubjectConfirmation = $XZ;
}
public function getSignatureKey()
{
return $this->signatureKey;
}
public function setSignatureKey(XMLsecurityKey $Gc = NULL)
{
$this->signatureKey = $Gc;
}
public function getEncryptionKey()
{
return $this->encryptionKey;
}
public function setEncryptionKey(XMLSecurityKey $em = NULL)
{
$this->encryptionKey = $em;
}
public function setCertificates(array $mG)
{
$this->certificates = $mG;
}
public function getCertificates()
{
return $this->certificates;
}
public function getSignatureData()
{
return $this->signatureData;
}
public function getWasSignedAtConstruction()
{
return $this->wasSignedAtConstruction;
}
public function toXML(DOMNode $pR = NULL)
{
if ($pR === NULL) {
$HL = new DOMDocument();
$pR = $HL;
// [PHPDeobfuscator] Implied goto
goto BZ;
}
$HL = $pR->ownerDocument;
BZ:
$Bf = $HL->createElementNS("urn:oasis:names:tc:SAML:2.0:assertion", "saml:Assertion");
$pR->appendChild($Bf);
$Bf->setAttributeNS("urn:oasis:names:tc:SAML:2.0:protocol", "samlp:tmp", "tmp");
$Bf->removeAttributeNS("urn:oasis:names:tc:SAML:2.0:protocol", "tmp");
$Bf->setAttributeNS("http://www.w3.org/2001/XMLSchema-instance", "xsi:tmp", "tmp");
$Bf->removeAttributeNS("http://www.w3.org/2001/XMLSchema-instance", "tmp");
$Bf->setAttributeNS("http://www.w3.org/2001/XMLSchema", "xs:tmp", "tmp");
$Bf->removeAttributeNS("http://www.w3.org/2001/XMLSchema", "tmp");
$Bf->setAttribute("ID", $this->id);
$Bf->setAttribute("Version", "2.0");
$Bf->setAttribute("IssueInstant", gmdate("Y-m-d\\TH:i:s\\Z", $this->issueInstant));
$Ai = SAMLSPUtilities::addString($Bf, "urn:oasis:names:tc:SAML:2.0:assertion", "saml:Issuer", $this->issuer);
$this->addSubject($Bf);
$this->addConditions($Bf);
$this->addAuthnStatement($Bf);
if ($this->requiredEncAttributes == FALSE) {
$this->addAttributeStatement($Bf);
// [PHPDeobfuscator] Implied goto
goto kN;
}
$this->addEncryptedAttributeStatement($Bf);
kN:
if (!($this->signatureKey !== NULL)) {
goto p_;
}
SAMLSPUtilities::insertSignature($this->signatureKey, $this->certificates, $Bf, $Ai->nextSibling);
p_:
return $Bf;
}
private function addSubject(DOMElement $Bf)
{
if (!($this->nameId === NULL && $this->encryptedNameId === NULL)) {
$Ja = $Bf->ownerDocument->createElementNS("urn:oasis:names:tc:SAML:2.0:assertion", "saml:Subject");
$Bf->appendChild($Ja);
if ($this->encryptedNameId === NULL) {
SAMLSPUtilities::addNameId($Ja, $this->nameId);
// [PHPDeobfuscator] Implied goto
goto vy;
}
$Vr = $Ja->ownerDocument->createElementNS("urn:oasis:names:tc:SAML:2.0:assertion", "saml:EncryptedID");
$Ja->appendChild($Vr);
$Vr->appendChild($Ja->ownerDocument->importNode($this->encryptedNameId, TRUE));
vy:
foreach ($this->SubjectConfirmation as $h9) {
$h9->toXML($Ja);
}
// [PHPDeobfuscator] Implied return
return;
}
return;
}
private function addConditions(DOMElement $Bf)
{
$HL = $Bf->ownerDocument;
$Bc = $HL->createElementNS("urn:oasis:names:tc:SAML:2.0:assertion", "saml:Conditions");
$Bf->appendChild($Bc);
if (!($this->notBefore !== NULL)) {
goto tS;
}
$Bc->setAttribute("NotBefore", gmdate("Y-m-d\\TH:i:s\\Z", $this->notBefore));
tS:
if (!($this->notOnOrAfter !== NULL)) {
goto Po;
}
$Bc->setAttribute("NotOnOrAfter", gmdate("Y-m-d\\TH:i:s\\Z", $this->notOnOrAfter));
Po:
if (!($this->validAudiences !== NULL)) {
goto vG;
}
$za = $HL->createElementNS("urn:oasis:names:tc:SAML:2.0:assertion", "saml:AudienceRestriction");
$Bc->appendChild($za);
SAMLSPUtilities::addStrings($za, "urn:oasis:names:tc:SAML:2.0:assertion", "saml:Audience", FALSE, $this->validAudiences);
vG:
}
private function addAuthnStatement(DOMElement $Bf)
{
if (!($this->authnInstant === NULL || $this->authnContextClassRef === NULL && $this->authnContextDecl === NULL && $this->authnContextDeclRef === NULL)) {
$HL = $Bf->ownerDocument;
$fb = $HL->createElementNS("urn:oasis:names:tc:SAML:2.0:assertion", "saml:AuthnStatement");
$Bf->appendChild($fb);
$fb->setAttribute("AuthnInstant", gmdate("Y-m-d\\TH:i:s\\Z", $this->authnInstant));
if (!($this->sessionNotOnOrAfter !== NULL)) {
goto EL;
}
$fb->setAttribute("SessionNotOnOrAfter", gmdate("Y-m-d\\TH:i:s\\Z", $this->sessionNotOnOrAfter));
EL:
if (!($this->sessionIndex !== NULL)) {
goto yr;
}
$fb->setAttribute("SessionIndex", $this->sessionIndex);
yr:
$Yc = $HL->createElementNS("urn:oasis:names:tc:SAML:2.0:assertion", "saml:AuthnContext");
$fb->appendChild($Yc);
if (empty($this->authnContextClassRef)) {
goto Bz;
}
SAMLSPUtilities::addString($Yc, "urn:oasis:names:tc:SAML:2.0:assertion", "saml:AuthnContextClassRef", $this->authnContextClassRef);
Bz:
if (empty($this->authnContextDecl)) {
goto kk;
}
$this->authnContextDecl->toXML($Yc);
kk:
if (empty($this->authnContextDeclRef)) {
goto bm;
}
SAMLSPUtilities::addString($Yc, "urn:oasis:names:tc:SAML:2.0:assertion", "saml:AuthnContextDeclRef", $this->authnContextDeclRef);
bm:
SAMLSPUtilities::addStrings($Yc, "urn:oasis:names:tc:SAML:2.0:assertion", "saml:AuthenticatingAuthority", FALSE, $this->AuthenticatingAuthority);
// [PHPDeobfuscator] Implied return
return;
}
return;
}
private function addAttributeStatement(DOMElement $Bf)
{
if (!empty($this->attributes)) {
$HL = $Bf->ownerDocument;
$dB = $HL->createElementNS("urn:oasis:names:tc:SAML:2.0:assertion", "saml:AttributeStatement");
$Bf->appendChild($dB);
foreach ($this->attributes as $YB => $Yr) {
$V0 = $HL->createElementNS("urn:oasis:names:tc:SAML:2.0:assertion", "saml:Attribute");
$dB->appendChild($V0);
$V0->setAttribute("Name", $YB);
if (!($this->nameFormat !== "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified")) {
goto mL;
}
$V0->setAttribute("NameFormat", $this->nameFormat);
mL:
foreach ($Yr as $cK) {
if (is_string($cK)) {
$YE = "xs:string";
goto T2;
}
if (is_int($cK)) {
$YE = "xs:integer";
// [PHPDeobfuscator] Implied goto
goto T2;
}
$YE = NULL;
T2:
$uQ = $HL->createElementNS("urn:oasis:names:tc:SAML:2.0:assertion", "saml:AttributeValue");
$V0->appendChild($uQ);
if (!false) {
goto cX;
}
$uQ->setAttributeNS("http://www.w3.org/2001/XMLSchema-instance", "xsi:type", $YE);
cX:
if (!is_null($cK)) {
goto oM;
}
$uQ->setAttributeNS("http://www.w3.org/2001/XMLSchema-instance", "xsi:nil", "true");
oM:
if ($cK instanceof DOMNodeList) {
$lw = 0;
yg:
if (!($lw < $cK->length)) {
goto bD;
}
$Kp = $HL->importNode($cK->item($lw), TRUE);
$uQ->appendChild($Kp);
$lw++;
goto yg;
}
$uQ->appendChild($HL->createTextNode($cK));
bD:
wh:
}
}
// [PHPDeobfuscator] Implied return
return;
}
return;
}
private function addEncryptedAttributeStatement(DOMElement $Bf)
{
if (!($this->requiredEncAttributes == FALSE)) {
$HL = $Bf->ownerDocument;
$dB = $HL->createElementNS("urn:oasis:names:tc:SAML:2.0:assertion", "saml:AttributeStatement");
$Bf->appendChild($dB);
foreach ($this->attributes as $YB => $Yr) {
$PN = new DOMDocument();
$V0 = $PN->createElementNS("urn:oasis:names:tc:SAML:2.0:assertion", "saml:Attribute");
$V0->setAttribute("Name", $YB);
$PN->appendChild($V0);
if (!($this->nameFormat !== "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified")) {
goto DV;
}
$V0->setAttribute("NameFormat", $this->nameFormat);
DV:
foreach ($Yr as $cK) {
if (is_string($cK)) {
$YE = "xs:string";
goto xm;
}
if (is_int($cK)) {
$YE = "xs:integer";
// [PHPDeobfuscator] Implied goto
goto xm;
}
$YE = NULL;
xm:
$uQ = $PN->createElementNS("urn:oasis:names:tc:SAML:2.0:assertion", "saml:AttributeValue");
$V0->appendChild($uQ);
if (!false) {
goto Nt;
}
$uQ->setAttributeNS("http://www.w3.org/2001/XMLSchema-instance", "xsi:type", $YE);
Nt:
if ($cK instanceof DOMNodeList) {
$lw = 0;
iY:
if (!($lw < $cK->length)) {
goto QJ;
}
$Kp = $PN->importNode($cK->item($lw), TRUE);
$uQ->appendChild($Kp);
$lw++;
goto iY;
}
$uQ->appendChild($PN->createTextNode($cK));
QJ:
uy:
}
$u_ = new XMLSecEnc();
$u_->setNode($PN->documentElement);
$u_->type = "http://www.w3.org/2001/04/xmlenc#Element";
$Z3 = new XMLSecurityKey(XMLSecurityKey::AES256_CBC);
$Z3->generateSessionKey();
$u_->encryptKey($this->encryptionKey, $Z3);
$rK = $u_->encryptNode($Z3);
$Ve = $HL->createElementNS("urn:oasis:names:tc:SAML:2.0:assertion", "saml:EncryptedAttribute");
$dB->appendChild($Ve);
$Lk = $HL->importNode($rK, TRUE);
$Ve->appendChild($Lk);
}
// [PHPDeobfuscator] Implied return
return;
}
return;
}
public function getPrivateKeyUrl()
{
return $this->privateKeyUrl;
}
public function setPrivateKeyUrl($NI)
{
$this->privateKeyUrl = $NI;
}
}Malware detection & removal plugin for WordPress
(C)2020 Wordpress Doctor All rights reserved.